Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Comptia Discussions

Exam CAS-003 topic 1 question 103 discussion

Actual exam question from CompTIA's CAS-003
Question #: 103
Topic #: 1
[All CAS-003 Questions]

A security engineer is working with a software development team. The engineer is tasked with ensuring all security requirements are adhered to by the developers.
Which of the following BEST describes the contents of the supporting document the engineer is creating?

  • A. A series of ad-hoc tests that each verify security control functionality of the entire system at once.
  • B. A series of discrete tasks that, when viewed in total, can be used to verify and document each individual constraint from the SRTM.
  • C. A set of formal methods that apply to one or more of the programing languages used on the development project.
  • D. A methodology to verify each security control in each unit of developed code prior to committing the code.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by SoukelezArtibuz at Nov. 29, 2020, 8:45 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
arawaco
2 years, 9 months ago
Possible answers B and D. But D is the correct. B is parcially correct when use SRTM, but is incorrectc when propuse work with discrete task. D is correct because use a mthodology to verify, in that methodology you can work with SRTM.
upvoted 1 times
...
Trap_D0_r
3 years, 2 months ago
Definitely B.
upvoted 2 times
...
boblee
3 years, 2 months ago
B. A security requirements traceability matrix (SRTM) is a grid that allows documentation and easy viewing of what is required for a system’s security. SRTMs are necessary in technical projects that call for security to be included.
upvoted 3 times
...
SoukelezArtibuz
3 years, 4 months ago
B looks more accurate, no? "SRTM is a matrix that makes it easy to identify the security requirements of a given system and the actual implementations or tests that can evaluate whether the requirement has been achieved."
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel